Mac Security Guru: Snow Leopard less secure than Windows !
Snow Leopard lacks security features that are built in to Windows XP, Windows Vista and Windows 7, a noted Mac researcher has said.
?Apple didn?t change anything,? said Charlie Miller, of Baltimore-based Independent Security Evaluators, the co-author of The Mac Hacker?s Handbook, and winner of two consecutive ?Pwn2own? hacker contests. ?It?s the exact same ASLR as in Leopard, which means it?s not very good.?
Because Snow Leopard lacks fully-functional address space layout randomisation, Macs are still easier to compromise than Windows Vista systems, Miller said. ?Snow Leopard?s more secure than Leopard, but it?s not as secure as Vista or Windows 7,? he said. ?When Apple has both [in place], that?s when I?ll stop complaining about Apple?s security.?
Address Space Layout Randomization (ASLR) is another technology, new in Windows 7 & Vista, that defend against the buffer overrun exploits. Each time you boot Windows, the system code is loaded into different locations of the memory. This seemingly simple change thwarts a class of well-known attacks in which the exploit code attempts to call a system function from a known location.
In the end, though, hacker disinterest in Mac OS X has more to do with numbers, as in market share, than in what protective measure Apple adds to the OS.
?It?s harder to write exploits for Windows than the Mac,? Miller said, ?but all you see are Windows exploits. That?s because if [the hacker] can hit 90% of the machines out there, that?s all he?s gonna do. It?s not worth him nearly doubling his work just to get that last 10%.?
?Apple didn?t change anything,? said Charlie Miller, of Baltimore-based Independent Security Evaluators, the co-author of The Mac Hacker?s Handbook, and winner of two consecutive ?Pwn2own? hacker contests. ?It?s the exact same ASLR as in Leopard, which means it?s not very good.?
Because Snow Leopard lacks fully-functional address space layout randomisation, Macs are still easier to compromise than Windows Vista systems, Miller said. ?Snow Leopard?s more secure than Leopard, but it?s not as secure as Vista or Windows 7,? he said. ?When Apple has both [in place], that?s when I?ll stop complaining about Apple?s security.?
Address Space Layout Randomization (ASLR) is another technology, new in Windows 7 & Vista, that defend against the buffer overrun exploits. Each time you boot Windows, the system code is loaded into different locations of the memory. This seemingly simple change thwarts a class of well-known attacks in which the exploit code attempts to call a system function from a known location.
In the end, though, hacker disinterest in Mac OS X has more to do with numbers, as in market share, than in what protective measure Apple adds to the OS.
?It?s harder to write exploits for Windows than the Mac,? Miller said, ?but all you see are Windows exploits. That?s because if [the hacker] can hit 90% of the machines out there, that?s all he?s gonna do. It?s not worth him nearly doubling his work just to get that last 10%.?
Comments
All versions of Windows suffer from underlying flaws in the OS architecture dating back to the first Windows that was designed with absolutely no thought to security.
UNIX-based Mac OS X is inherently much much more resistant to attacks.
The only successful attacks against OS X are all social engineering types where the user is fooled into installing some sort of malware. No OS is safe from these types of attacks.
Try to find one single instance where malware has been activated without the user initiating the attack.
Rubbish.
All versions of Windows suffer from underlying flaws in the OS architecture dating back to the first Windows that was designed with absolutely no thought to security.
UNIX-based Mac OS X is inherently much much more resistant to attacks.
The only successful attacks against OS X are all social engineering types where the user is fooled into installing some sort of malware. No OS is safe from these types of attacks.
Try to find one single instance where malware has been activated without the user initiating the attack.
OK, let me play devil's advocate here.
Of all the criticisms levelled against Windows Vista, and there have been a litany, have any of them really centred around security (with the exception of the annoying prompts) ?
Besides, just because OS X is on top of a Unix layer doesn't mean that their own proprietary GUI layer doesn't have security issues.
Security is a moving target. Security in an OS must be constantly updated. It's not enough to rest on the laurels of a well designed architecture if you neglect to patch it.
I don't doubt that Microsoft's legacy API's and admin user by default policy make Windows insecure, but I don't think it's fair to automatically assume that OS X is far and away more secure.
I'd like somebody to verify the memory address space randomization claim. Is it true?
Apple has NEVER been concerned about security, they just rely on the fact that hackers don't write programs for an OS that no one uses. Hackers realize that the internet belongs to Windows, so that is who they go after the most. Microsoft has responded by making Windows safer with each version that has been released over the years... with Apple, it's still business as usual, make commercials lying about how safe a Mac is, as long as the fish take the bait, who cares
The flaw in your logic is that you are treating the security requirements of Windows and the Mac as universals. Security on MacOS X is built-in from the ground up. It is only speculation that the Mac GUI is a leaky roof covering a secure UNIX foundation. If you had data showing that there have been more successful exploits against the MacOS X than against generic UNIX, then you might have a point, but you do not. At any rate, security in Windows is an add-on. Security measures added to that platform most combat not only malware developers but also a culture that includes Microsoft, legitimate third-party software and hardware developers, and users who constantly work to undermine those same security measures.
?but also a culture that includes Microsoft, legitimate third-party software and hardware developers, and users who constantly work to undermine those same security measures.
The general user does not appreciate why the system binaries should be in a hard-to-access library, the relationship of an administrative account to standard accounts, and limiting access to your computer. That type of environment was part of protecting corporate data, government data, and research. UNIX was part of that particular "culture"; but unfortunately, many DOS, Windows, and early Macintosh operating systems cut corners (for various reasons), and the users of those platforms learned bad habits that left them exposed to security problems. You could go on and on about this subject.
Both Apple and Microsoft have moved away from the assumptions of local area networks managed by administrators to the wild and wooly Internet accessible to users. Apple made a big break to a UNIX variant developed as Mac OS X, thus changing the security environment for users. Microsoft has improved security with Vista and Windows 7, but still pays a heavy price because of a "culture" that unlearns slowly. That is not to say that Mac OS users are more savvy about security.
OK, let me play devil's advocate here.
Of all the criticisms levelled against Windows Vista, and there have been a litany, have any of them really centred around security (with the exception of the annoying prompts) ?
Besides, just because OS X is on top of a Unix layer doesn't mean that their own proprietary GUI layer doesn't have security issues.
Security is a moving target. Security in an OS must be constantly updated. It's not enough to rest on the laurels of a well designed architecture if you neglect to patch it.
I don't doubt that Microsoft's legacy API's and admin user by default policy make Windows insecure, but I don't think it's fair to automatically assume that OS X is far and away more secure.
I'd like somebody to verify the memory address space randomization claim. Is it true?
Rich Mogul has an article on Snow Leopard security, where he says that "One major disappointment in the midst of all these security enhancements is that Apple did not improve the Library Randomization feature introduced in Leopard." It has to do with dyld. Here is the URL:
http://db.tidbits.com/article/10509